logo

blog

My website can't be that messy, right? git clone https://anongit.hacktivis.me/git/blog.git/

Bootstrapping signify for my assets.xhtml (2388B)

    

  1. <!--
  2. Copyright © 2014 Haelwenn (lanodan) Monnier
  3. SPDX-License-Identifier: LAL-1.3
  4. -->
  5. <article xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="h-entry">
  6. <a href="/articles/Bootstrapping%20signify%20for%20my%20assets"><h1>Bootstrapping signify for my assets</h1></a>
  7. <p><a href="/articles/Pretty%20Bad%20Privacy">As you might know</a>, I'm not a huge fan of OpenPGP so when I learned about <a href="https://flak.tedunangst.com/post/signify">OpenBSD's signify(1)</a> I wanted to use it on doing my next software release, now is the time.</p>
  8. <p>In a way similar to OpenBSD I'm going to rotate keys at least once every 6 months, I'll not probably not write blog articles on each rotation unless it nicely syncs with my status updates but I'll copy them into <a href="/releases/signify/">/releases/signify/</a> and post them on the fediverse (<a href="https://queer.hacktivis.me/objects/ad8b985c-495c-4c34-a3db-4758cb4eb13f">like this</a>) or any other place.</p>
  9. <h2>keys and their signatures</h2>
  10. <p>2019-10 is the first key present to have both key signed, actual assets will be using 2019-11 (the second key), first key being there only to show how the rotation is done.</p>
  11. <h3>2019-10.pub</h3>
  12. <pre>
  13. untrusted comment: minisign public key C99CEA24AB65873
  14. RWRzWLZKos6ZDNH4RrGKwA5/I4OUJtgR/CHZkn1Cac0Qxj9wTxH2WgIL
  15. </pre>
  16. <h3>2019-10.pub.2019-11.sig</h3>
  17. <pre>
  18. untrusted comment: signature from minisign secret key
  19. RWQpg/ljPbQGXyNHZOdkuRmIw2GubkKwIsEeujcywnAa7iJjWkOxj7plCP09wr+wkJujpZMEJTEMUTxBimPEF3RXx43ITM9EhgQ=
  20. trusted comment: timestamp:1572560484   file:2019-10.pub
  21. Mn5xpXQjR2tK1pPe1MrzJTsfRTPM8clPwlEQFUHulHM6ZBGSZRVQBc8qcEOrV/omUjS5cbEfTBC/pzxeTs3EBQ==
  22. </pre>
  23. <h3>2019-11.pub</h3>
  24. <pre>
  25. untrusted comment: minisign public key 5F06B43D63F98329
  26. RWQpg/ljPbQGX16QkJEETSdJ4taNNB7acmdkVEMW2waT5GeXwvn3emSR
  27. </pre>
  28. <h3>2019-11.pub.2019-10.sig</h3>
  29. <pre>
  30. untrusted comment: signature from minisign secret key
  31. RWRzWLZKos6ZDHJvpCdCVNiQ2xVuYqJakRgTbMYAsn9BIdC7q+X/5TaHwAG3HvA9QThUnnZ936GMukMcj3hs9vhZtjPcJw8a6gM=
  32. trusted comment: timestamp:1572560509   file:2019-11.pub
  33. /T+4tPEtKIxut9tEOrJUQKRi25A/Vn7V64MntZpWxPiOzD9h5EvYc10cVp5dNzWYQ2Wp+iMFjZvKbwTe+kbSBQ==
  34. </pre>
  35. <p><a href="https://queer.hacktivis.me/objects/ad8b985c-495c-4c34-a3db-4758cb4eb13f">Fediverse post for comments</a>, published on 2019-10-31T23:08:00Z, last updated on 2019-10-31T23:08:00Z</p>
  36. </article>